AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-02 03:46:37 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity

Dave Jones's trinity program was able to enable the function tracer

Browse Source 
from a normal user account via the perf syscall "perf_event_open()".
 When I was able to reproduce it with trinity, I was able to track down
 exactly how it happened.
 
 I discovered that the check for whether the function tracepoint should
 be activated or not was using the "perf_paranoid_kernel()" check which
 by default, lets the user continue. The user should not by default be
 able to enable function tracing. The fix is to use
 "perf_paranoid_tracepoint_raw()" which will not let the user enable
 function tracing.
 
 This is a security fix as normal users should never be allowed to
 enable the function tracer.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQEcBAABAgAGBQJSepxvAAoJEKQekfcNnQGuLeQH/jMe/m3ogrf2NaryszjJ12rc
 jyhxXL5tMYNWAY8mp5Dt7WIGgUcNFQFqGq8oNWwc0W/Snil0DHwzwGrbzg6+RMPL
 S53qfQvrU0wuFSQu4NdRfhWnq7JaGbji8jbH+d2QdMj2FpktlqxTq8BZETFgJTes
 Ex8NmU5paROuYeVNviPeqo5Ss4rPeQYmOE12B3rDhJFYvnzy37D11zO34GiVutoM
 mSqSHO5UFig6u2fv347lBM04fBSUDRbK22iXP6kC/xtjgRJh60ElZsRzc5fFzcsQ
 usLZ8IcybzpsEReXofFeLDVk98sZKioKYWpzerKwSc8RYDIIrQXaD94T/EDngV8=
 =QJRi
 -----END PGP SIGNATURE-----

Merge tag 'ftrace-urgent-3.12-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull perf/ftrace fix from Steven Rostedt:
 "Dave Jones's trinity program was able to enable the function tracer
  from a normal user account via the perf syscall "perf_event_open()".
  When I was able to reproduce it with trinity, I was able to track down
  exactly how it happened.

  I discovered that the check for whether the function tracepoint should
  be activated or not was using the "perf_paranoid_kernel()" check which
  by default, lets the user continue.  The user should not by default be
  able to enable function tracing.

  The fix is to use "perf_paranoid_tracepoint_raw()" which will not let
  the user enable function tracing.  This is a security fix as normal
  users should never be allowed to enable the function tracer"

* tag 'ftrace-urgent-3.12-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  perf/ftrace: Fix paranoid level for enabling function tracer
This commit is contained in:
Linus Torvalds 2013-11-08 08:54:53 +09:00
commit 6c86ae2928
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
kernel/trace/trace_event_perf.c
View File

@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
{
/* The ftrace function trace is allowed only for root. */
if (ftrace_event_is_function(tp_event) &&
perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
return -EPERM;
/* No tracing, just counting, so no obvious leak */